<?php
namespace Cyfy\Modules\PasswordRecovery;

use Cyfy\Modules\User;

class Module extends \Cyfy\Module
{
    const RECOVERY_URL = "user/password-recovery/";
  
	/**
      * Gets the specified content
      *
      * @return  string
     */
	static function get($id)
	{
        \Cyfy\Template :: setTitle(self :: t(10));  
		$output = "<h2>" . self :: t(10) . "</h2>\n";

		switch($id)
		{
			case "main":
                $form = new Forms\Recovery();
				$output .= $form -> show();
                return $output;
                
            case "recovery":
				return $output .= self :: recoveryContinue(\Cyfy\Cyfy :: arg(2));
		}
	}
    
    
    
    static function recoverForUser($uid)
    {
        $result = \dibi :: query("SELECT [name], [username], [email], [uid] FROM [:cyfy:Users-users] WHERE [uid] = %i LIMIT 1", $uid);
        if(count($result) == 0)
        {
            return false;
        }
        
        // OK
        $user = $result -> fetch();
        
        // unique value
        $unique =  md5(uniqid());
        \dibi :: query("INSERT INTO [:cyfy:PasswordRecovery] VALUES('$unique', '{$user["uid"]}')");
        
        $user["link"] = \Cyfy\Constants :: get("SiteInformation", "url") . self :: RECOVERY_URL . $unique;
        
        $email = new \Cyfy\Modules\PHPMailer\PHPMailer();
        $email -> addAddress($user["email"], $user["name"]);
        $email -> setSubject(self :: t(30));
        $email -> setContent((array) $user);
        $email -> setTemplate("PasswordRecovery", "password-recovery-confirmation");
        return $email -> post();
    }
    
    
    
    
    static private function recoveryContinue($prid)
    {
        $result = \dibi :: query("SELECT [uid] FROM [:cyfy:PasswordRecovery] WHERE [prid] = %s LIMIT 1", $prid);
        if(count($result) == 0)
        {
            \Cyfy\Message :: set(self :: t(110), \Cyfy\Message::ERROR);
            \Cyfy\Message :: set(self :: t(120));
            return false;
        }
        $user = $result -> fetch();
        
        $result = \dibi :: query("SELECT * FROM [:cyfy:Users-users] WHERE uid = {$user["uid"]} LIMIT 1");
        if(count($result) == 0)
        {
            return false;
        }
        
        // user OK
        $user = $result -> fetch();
        
        $newPassword = generatePassword();
        $newPasswordHash = hash("md5",$newPassword);
		$user["password"] = $newPassword;
    
        \dibi :: query("UPDATE [:cyfy:Users-users] SET [password] =  %s ", $newPasswordHash, " WHERE [uid] = %s", $user["uid"]);  
       
       
        $email = new \Cyfy\Modules\PHPMailer\PHPMailer();
        $email -> addAddress($user["email"], $user["name"]);
        $email -> setSubject(self :: t(140));
        $email -> setContent((array) $user);
        $email -> setTemplate("PasswordRecovery", "password-recovery-new-password");
        $status = $email -> post();
        
        // message
        $output = "<h3>" . self :: t(150) . "</h3>";
        $output .= "<p>" . self :: t(160) . "</p>";
        $output .= "<p>" . self :: t(170) . ": <strong>{$user["username"]}</strong></p>";
        $output .= "<p>" . self :: t(180) . ": <strong>{$newPassword}</strong></p>";
        
        if($status)
        {
            $output .= "<p>&nbsp;</p>";
            $output .= \Cyfy\Message :: get(self :: t(190));
        }
        
        // delete recovery info
        \dibi :: query("DELETE FROM [:cyfy:PasswordRecovery] WHERE [uid] = %i", $user["uid"]);  
        
        
        return $output;
    }
    
}